GOMOOT Apr 22, 2025

šŸ’” SuperCard X: nuova minaccia contactless in rapida espansione

https://gomoot.com/supercard-x-nuova-minaccia-contactless-in-rapida-espansione

#atm #blog #contactless #google #malware #news #nfc #pagamenti #picks #playstore #pos #supercardx #tech #tecnologia #telegram

SuperCard X: nuova minaccia contactless in rapida espansion

Nuova ondata di attacchi NFC relay sui dispositivi Android: SuperCard X sfrutta l'ingegneria sociale, tecniche evasive e una struttura modulare

Gomoot : tecnologia e lifestyle Scopri le ultime novitĆ  in fatto di hardware,tecnologia e altro
Andrea Draghetti šŸŽ£Apr 22, 2025

šŸ“¢ Ricevi un SMS dalla banca e ti chiedono di ā€œverificare la cartaā€? Attento: potrebbe essere SuperCard X.

Unā€™app fraudolenta legge la tua carta via NFC e la usa da remoto.
Ecco come funziona šŸ‘‰ https://www.d3lab.net/supercard-x-la-nuova-truffa-che-colpisce-gli-utenti-italiani/

#TruffeOnline #Android #NFC #Sicurezza #SuperCardX

SuperCard X: la nuova truffa che colpisce gli utenti italiani

Nuova truffa in Italia: app Android come ā€œVerifica Cartaā€ leggono i dati NFC della carta di credito per emularla e usarla da remoto. Lā€™attacco combina smishing, vishing e tecniche avanzate di emulazione. Scopri come difenderti.

D3Lab
EfaniApr 21, 2025

šŸšØ A new Android malware campaign is using NFC relay attacks to clone credit cards ā€” and itā€™s nearly invisible to antivirus tools.

Security researchers have discovered 'SuperCard X', a malware-as-a-service (MaaS) platform that allows cybercriminals to steal card data and make contactless payments using compromised Android devices.

Key highlights from the report:
- Distributed via social engineering scams through fake SMS or WhatsApp messages
- Victims are tricked into installing a malicious app disguised as a bank ā€œverificationā€ tool
- Once installed, it uses NFC to read card chip data and sends it to a second attacker device
- Attackers use a companion app to emulate the victimā€™s card and make payments or ATM withdrawals

šŸ” What makes it dangerous:
- SuperCard X requests minimal permissions, making it hard to detect
- It uses ATR-based card emulation and mutual TLS (mTLS) for secure communication
- Malware is not flagged by any antivirus engines on VirusTotal
- Transactions are small, instant, and look legitimate to banks ā€” making them harder to detect or reverse

šŸ›”ļø Google responded saying Play Protect is active and currently no such apps are listed on Google Play. But since these apps spread outside the store, Android users remain at risk ā€” especially if they sideload apps or fall for impersonation scams.

This is a textbook example of how mobile payment infrastructure is being exploited ā€” and why NFC security deserves more attention in mobile-first threat models.

At @Efani weā€™re committed to helping protect high-risk users from silent, evasive mobile threats just like this.

#Cybersecurity #AndroidMalware #NFC #MobileSecurity #EfaniSecure #SuperCardX #FintechFraud #MalwareAsAService

TechNewsRoApr 20, 2025

#SuperCardX: A New #Android #Threat for #NFC Relay #Fraud

https://technewsro.blog/supercard-x-o-noua-amenintare-android-pentru-frauda-nfc-relay/

SuperCard X: O Nouă Amenințare Android pentru Fraudă NFC Relay - TECHNEWSRO

SuperCard X: O Nouă Amenințare Android pentru Fraudă NFC Relay TECHNEWSRO Securitate

TECHNEWSRO
The DefendOps DiariesApr 19, 2025

Imagine a malware that stealthily uses your phoneā€™s NFC to swipe payment dataā€”without raising any alarms. SuperCard X is that new game-changer for cybercriminals. Could your device be at risk?

https://thedefendopsdiaries.com/supercard-x-a-new-era-of-mobile-malware/

#supercardx
#mobilemalware
#nfcrelay
#cybersecurity
#malwareasaservice